An Automated Answer To WLAN Setup Headaches

At the beginning of every semester, university wireless networks face a massive BYOD challenge. Wireless network onboarding services ease the pain.

10 Tech Tools To Engage Students

(click image for larger view)

Wireless networks can be very complicated. Technology is one thing, and the policy behind implementing your WLAN is completely another. There is a secret weapon to bringing order to your wireless client base -- and getting policy compliance as well -- in the form of onboarding.

In its simplest incarnation, client onboarding is an automated methodology that configures client devices for use on a specific wireless network. Rather than ask the human beings that use those devices to fumble their way through several steps to get their device settings right for use on a business-grade WLAN, onboarding does it for them. More sophisticated onboarding systems might go further than basic wireless profile setup; they might also do things like checking that Windows’ integrated firewall is enabled and that profiles for other non-secure wireless networks are removed.

Out in the wireless industry, the BYOD trend is touted as a relatively new phenomena, and onboarding has come to be seen as a must-have for customers and a must-provide for most major WLAN vendors. But those of us who support technology in the higher-ed space (and arguably to a lesser degree the K-12 tech folks) have been dealing with a client device base that is largely BYOD for years. We know that security and ease of use are often at odds, and that getting multiple operating systems to play on a secure WLAN can be a pain that throbs worse as operating systems get patched, drivers become dated and network technology refreshes. There are countless home-grown ways to tackle the issue, but modern onboarding solutions are way better.

I have had the opportunity to see or try native onboarding solutions from WLAN vendors Aerohive, AirTight, Aruba, Meru and Motorola. Each is basically the same functional animal (there are only so many ways to configure client devices), with additional strengths and weaknesses to consider. In my own very large Cisco wireless deployment, we use a third-party onboarding solution called XpressConnect, from Cloudpath. This is a market that is growing, but most native onboarding solutions work only with the vendors' own WLAN environments.

The payoff in investing in an onboarding system is measured in time and support costs. For devices that you don't already tightly manage, every onboarded device has a known starting configuration and has usually been transferred to where your policies want it to go on the network as part of the onboarding process. When users muck up their own settings, the onboarding mechanism becomes a self-help tool for getting devices reconfigured. Because the tool is developed and supported professionally, it is (hopefully) kept up to snuff in the face of device OS updates. I can vouch that for me, XpressConnect has saved thousands of support hours for hundreds of thousands of student, faculty, and staff client devices through the last several years.

The mechanics of any onboarding system are similar. Through an administrative dashboard, you configure the settings that are appropriate for your environment. Exact settings will vary depending on the onboarding solution in use, but I can share a bit about XpressConnect and the various knobs I turn for my own onboarding service. These include setting 802.1x EAP (authentication protocol) types, authentication servers, SSIDs to be used, custom graphical elements, security settings to touch and a lot more. You can force a redirect to kick in at the end of the authentication process, for example to take newly configured users to an informational Web page. You can also have custom settings for different Windows and Mac OS flavors, different iOS and Android versions, and even limited support of Linux. It's powerful and fairly intuitive.

If you find yourself shopping, many onboarding services also have hooks into wireless guest portals, reporting on device types and counts in service, and other WLAN-related features you might need, so define your requirements well. As wireless hardware fast reaches the point where it's largely commoditized, services like onboarding really become a differentiator -- especially where IT talent and budgets are thin.

"When users muck up their own settings, the onboarding mechanism becomes a self-help tool for getting devices reconfigured." That has to be music to the ears of your staff. Anyone want to share experiences with these services in an enterprise setting?

Is a big question, and depends on individual school policies, and granularity with which different client demographics are handled. But, where corporate or educational, there are only so many ways to slice the cucumber.

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.